CA Federation Manager Installation Guide. What is CA Federation Manager? A standalone product that does not require the existence of any CA Siteminder component on the target system Easy to Deploy Supports SAML1.1 and SAML2.0 Protocol Pre-requisite   Memory 1GB (minimum), 2GB recommended Disk Space 2GB minimum (900M disk space, 700M temporary file location) Browser…

Read More

Optimizing CA Siteminder Performance Understand the Agent connectivity to Policy Server How Threading in Policy Server Works Troubleshooting methods Cache management. Understand the Agent connectivity to Policy Server  The Web Agent opens the TCP connection to the Policy Server (default:20 ) Policy Server closes the connection and has the following parameter Max Connection Idle Timeout…

Read More

CA Siteminder Authentication – Authorization Mapping In this post i am going to show you how to configure user  to Authenticate against userdiretory1  and authorize against userdirectory2. In my scenario i have created 2 user directory 1. User Directory   (  Unfortunately named as User Directory… don’t get confused) 2. NAM eDirectory Go to Infrastucture –>…

Read More

Changing the Login attribute to mail ID from a default CN value In this Post will show you how to change the login attribute from the default value “CN” to email address. Login to Siteminder admin console and navigate to Infrastrusture –> Directory –> “Select the User Directory” And change the  LDAP User DN  Lookup…

Read More

How to configure Single Sign-On Across Multiple Cookie Domains When user logs into Website A and while switching to website B on the same browser, they are asked to enter the user credentials which are in different cookie domain. The ability to pass single sign-on information across multiple cookie domains enables a user to authenticate…

Read More

CA Siteminder High Availability You can setup High Availability for different CA Siteminder components as shown below Basically you can do this for the below      WebServer      Policy Server      Policy Store or User Store     1. Webserver    First is Webserver is where you install the CA Siteminder Webagent. High Availability can…

Read More

SSO Security Zones Creating single sign-on security zones within the same cookie domain to represent it as multiple cookie domain. As a result, users can have single sign-on within the same zone, but may be re-challenged when entering a different zone   Cookies affected by this Security Zones SiteMinder uses state cookies to manage the…

Read More

CA Siteminder Authentication Scheme Form and DynamicRetry   HTML Form Authentication. Clear the Flush for the Realm after changing the Authentication Scheme   DynamicRetry.fcc and DynamicRetry.unauth The login page (DynamicRetry.fcc) is configured to send users to the unauthorized page (DynamicRetry.unauth) after one failed login attempt. The unauthorized page is a different template file than the…

Read More

How to configure Change Password using Siteminder Policy Server This post will guide you to configure Siteminder Policy Server for “change password”  use case. This is a straight forward setup. Version: CA Siteminder r12.51 Three steps to complete this setup Adding password attributes in the Policy Server configuration user store Create Password Policy in the…

Read More

CA Siteminder r12.x Policy Server command line backup tools This post will guide you to take backup of Policy Server objects using XPSExport and XPSImport (XML Based Export and Import). Prior to r12.x Siteminder Policy Server objects are exported using smobjimport and smobjexport which exports objects using SMDIF format (Siteminder Data interchange Format). XPSExport XPSExport…

Read More